01 Who We Are
Gitox is an iOS application developed by Rogerio Sobrinho ("we", "us", "our"). You can reach us at contact@gitox.app.
02 What We Store and Where
All data Gitox stores lives on your device. We have no backend servers and no user accounts on our side.
iOS Keychain (encrypted, device-only):
- Git hosting accounts you add — username, display name, email, avatar URL, provider
- HTTPS access tokens and OAuth tokens for GitHub, GitLab, Bitbucket, or self-hosted instances
- SSH key pairs you generate or import — private keys are never transmitted
- Your Pro entitlement token, issued by Apple after purchase
App preferences (non-sensitive):
- App settings — theme, language, editor configuration
- Last 100 diagnostic log entries — sanitized to remove tokens and credentials before storage
What we never store:
- Repository contents or file data
- Commit history, diffs, or code
- Anything on our own servers — we have none
03 Git Operations & Third-Party Services
When you clone, fetch, push, or perform any Git network operation, Gitox communicates directly between your device and the Git host you configured. We are not an intermediary — the connection is point-to-point from your device.
Your credentials are transmitted only to the host you authenticated with, using standard HTTPS or SSH protocols.
04 AI Agent
Gitox includes an optional AI-powered assistant for repository analysis, available to Pro subscribers. When you use this feature, Gitox sends only the data needed for that interaction and only after you act manually. This may include repository metadata generated by the app (such as branch, working tree status, recent commits, remotes, tags, and stashes), file contents you attach or choose for context, and your prompts/messages.
Requests go directly from your device to the AI endpoint configured in Settings. Depending on the selected auth type, that endpoint uses either your own API key or your GitHub account for Copilot. We do not proxy, collect, or store these requests on our servers, and nothing is sent in the background.
Your AI credentials or GitHub account token are stored exclusively in the iOS Keychain and are never transmitted to us.
05 In-App Purchases
Pro upgrade purchases are processed entirely by Apple via the App Store. We do not receive your payment information. Apple's Privacy Policy governs that transaction.
After a successful purchase, Apple issues a verification token that Gitox stores locally in the Keychain solely to remember your Pro status across app restarts.
06 OAuth Authentication
When you sign in with GitHub, GitLab, or Bitbucket using OAuth, the authorization happens in your browser or via the hosting provider's device flow. Gitox receives an access token directly from the provider, which is stored in the iOS Keychain. We never see your password.
07 Biometric Authentication
If you enable biometric lock (Face ID or Touch ID), authentication is handled entirely by iOS using the Secure Enclave. Gitox never accesses or stores biometric data — it only receives a yes/no result from the operating system.
08 Diagnostic Logs
Gitox maintains on-device logs for troubleshooting. Logs are automatically sanitized — tokens, passwords, SSH key material, and personal directory paths are redacted before storage. Logs are never uploaded anywhere and exist solely to help you diagnose issues via the in-app log viewer.
09 Data Deletion
All data Gitox stores is removed when you delete the app. To remove specific accounts or credentials before that, use the Accounts and SSH Identities sections in Settings.
10 Children's Privacy
Gitox is not directed at children under 13. We do not knowingly collect information from children.
11 Changes
If we make material changes, we will update the effective date above. Continued use of the app after changes constitutes acceptance of the updated policy.
12 Contact
Questions or concerns? contact@gitox.app